puppet 0.24.0 → 0.24.1

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

data/CHANGELOG CHANGED
@@ -1,3 +1,27 @@
1
+ Updated vim filetype detection. (#900 and #963)
2
+
3
+ Default resources like schedules no longer conflict with
4
+ managed resources. (#965)
5
+
6
+ Removing the ability to disable http keep-alive, since
7
+ it didn't really work anyway and it should no longer
8
+ be necessary.
9
+
10
+ Refactored http keep-alive so it actually works again.
11
+ This should be sufficient enough that we no longer need the
12
+ ability to disable keep-alive. There is now a central
13
+ module responsible for managing HTTP instances, along with
14
+ all certificates in those instances.
15
+
16
+ Fixed a backward compatibility issue when running 0.23.x
17
+ clients against 0.24.0 servers -- relationships would
18
+ consistently not work. (#967)
19
+
20
+ Closing existing http connections when opening a new one,
21
+ and closing all connections after each run. (#961)
22
+
23
+ Removed warning about deprecated explicit plugins mounts.
24
+
1
25
  0.24.0 (misspiggy)
2
26
  Modifying the behaviour of the certdnsnames setting. It now defaults
3
27
  to an empty string, and will only be used if it is set to something
data/bin/puppet CHANGED
@@ -198,9 +198,13 @@ begin
198
198
  # Compile our catalog
199
199
  catalog = Puppet::Node::Catalog.find(node)
200
200
 
201
+ exit(0) if Puppet[:parseonly]
202
+
201
203
  # Translate it to a RAL catalog
202
204
  catalog = catalog.to_ral
203
205
 
206
+ catalog.finalize
207
+
204
208
  # And apply it
205
209
  catalog.apply
206
210
  rescue => detail
@@ -10,7 +10,7 @@
10
10
  #
11
11
  # puppetca [-h|--help] [-V|--version] [-d|--debug] [-v|--verbose]
12
12
  # [-g|--generate] [-l|--list] [-s|--sign] [-r|--revoke]
13
- # [-c|--clean] [host]
13
+ # [-p|--print] [-c|--clean] [--verify] [host]
14
14
  #
15
15
  # = Description
16
16
  #
@@ -55,6 +55,9 @@
55
55
  # List outstanding certificate requests. If '--all' is specified,
56
56
  # signed certificates are also listed, prefixed by '+'.
57
57
  #
58
+ # print::
59
+ # Print the full-text version of a host's certificate.
60
+ #
58
61
  # revoke::
59
62
  # Revoke the certificate of a client. The certificate can be specified
60
63
  # either by its serial number, given as a decimal number or a hexadecimal
@@ -73,6 +76,9 @@
73
76
  # version::
74
77
  # Print the puppet version number and exit.
75
78
  #
79
+ # verify::
80
+ # Verify the named certificate against the local CA certificate.
81
+ #
76
82
  # = Example
77
83
  #
78
84
  # $ puppetca -l
@@ -99,8 +105,10 @@ options = [
99
105
  [ "--generate", "-g", GetoptLong::NO_ARGUMENT ],
100
106
  [ "--help", "-h", GetoptLong::NO_ARGUMENT ],
101
107
  [ "--list", "-l", GetoptLong::NO_ARGUMENT ],
108
+ [ "--print", "-p", GetoptLong::NO_ARGUMENT ],
102
109
  [ "--revoke", "-r", GetoptLong::NO_ARGUMENT ],
103
110
  [ "--sign", "-s", GetoptLong::NO_ARGUMENT ],
111
+ [ "--verify", GetoptLong::NO_ARGUMENT ],
104
112
  [ "--version", "-V", GetoptLong::NO_ARGUMENT ],
105
113
  [ "--verbose", "-v", GetoptLong::NO_ARGUMENT ]
106
114
  ]
@@ -114,13 +122,13 @@ mode = nil
114
122
  all = false
115
123
  generate = nil
116
124
 
125
+ modes = [:clean, :list, :revoke, :generate, :sign, :print, :verify]
126
+
117
127
  begin
118
128
  result.each { |opt,arg|
119
129
  case opt
120
130
  when "--all"
121
131
  all = true
122
- when "--clean"
123
- mode = :clean
124
132
  when "--debug"
125
133
  Puppet::Util::Log.level = :debug
126
134
  when "--generate"
@@ -145,7 +153,12 @@ begin
145
153
  when "--verbose"
146
154
  Puppet::Util::Log.level = :info
147
155
  else
148
- Puppet.settings.handlearg(opt, arg)
156
+ tmp = opt.sub("--", '').to_sym
157
+ if modes.include?(tmp)
158
+ mode = tmp
159
+ else
160
+ Puppet.settings.handlearg(opt, arg)
161
+ end
149
162
  end
150
163
  }
151
164
  rescue GetoptLong::InvalidOption => detail
@@ -174,7 +187,7 @@ unless mode
174
187
  exit(12)
175
188
  end
176
189
 
177
- if [:generate, :clean, :revoke, :list].include?(mode)
190
+ if [:verify, :print, :generate, :clean, :revoke, :list].include?(mode)
178
191
  hosts = ARGV.collect { |h| h.downcase }
179
192
  end
180
193
 
@@ -271,6 +284,11 @@ when :generate
271
284
  cert.cacert = cacert
272
285
  cert.write
273
286
  }
287
+ when :print
288
+ hosts.each { |h|
289
+ cert = ca.getclientcert(h)[0]
290
+ puts cert.to_text
291
+ }
274
292
  when :revoke
275
293
  hosts.each { |h|
276
294
  serial = nil
@@ -291,6 +309,33 @@ when :revoke
291
309
  puts "Revoked certificate with serial #{serial}"
292
310
  end
293
311
  }
312
+ when :verify
313
+ unless ssl = %x{which openssl}.chomp
314
+ raise "Can't verify certificates without the openssl binary and could not find one"
315
+ end
316
+ success = true
317
+
318
+ cacert = Puppet[:localcacert]
319
+
320
+ hosts.each do |host|
321
+ print "%s: " % host
322
+ file = ca.host2certfile(host)
323
+ unless FileTest.exist?(file)
324
+ puts "no certificate found"
325
+ success = false
326
+ next
327
+ end
328
+
329
+
330
+ command = %{#{ssl} verify -CAfile #{cacert} #{file}}
331
+ output = %x{#{command}}
332
+ if $? == 0
333
+ puts "valid"
334
+ else
335
+ puts output
336
+ success = false
337
+ end
338
+ end
294
339
  else
295
340
  $stderr.puts "Invalid mode %s" % mode
296
341
  exit(42)
@@ -328,7 +328,7 @@ if Puppet[:daemonize]
328
328
  client.daemonize
329
329
  end
330
330
 
331
- unless client.read_cert
331
+ unless Puppet::Network::HttpPool.read_cert
332
332
  # If we don't already have the certificate, then create a client to
333
333
  # request one. Use the special ca stuff, don't use the normal server and port.
334
334
  caclient = Puppet::Network::Client.ca.new()
@@ -350,7 +350,9 @@ unless client.read_cert
350
350
  end
351
351
 
352
352
  # Now read the new cert in.
353
- if client.read_cert
353
+ if Puppet::Network::HttpPool.read_cert
354
+ # If we read it in, then get rid of our existing http connection.
355
+ client.recycle_connection
354
356
  Puppet.notice "Got signed certificate"
355
357
  else
356
358
  Puppet.err "Could not read certificates after retrieving them"
@@ -7,9 +7,9 @@
7
7
 
8
8
  Summary: A network tool for managing many disparate systems
9
9
  Name: puppet
10
- Version: 0.24.0
10
+ Version: 0.24.1
11
11
  Release: 1%{?dist}
12
- License: GPL
12
+ License: GPLv2+
13
13
  Group: System Environment/Base
14
14
 
15
15
  URL: http://puppet.reductivelabs.com/
@@ -48,6 +48,15 @@ The server can also function as a certificate authority and file server.
48
48
  for f in bin/* ; do
49
49
  sed -i -e '1c#!/usr/bin/ruby' $f
50
50
  done
51
+ # Fix some rpmlint complaints
52
+ for f in mac_dscl.pp mac_dscl_revert.pp \
53
+ mac_netinfo.pp mac_pkgdmg.pp ; do
54
+ sed -i -e'1d' examples/code/$f
55
+ chmod a-x examples/code/$f
56
+ done
57
+
58
+ find examples/ -type f -empty | xargs rm
59
+ find examples/ -type f | xargs chmod a-x
51
60
 
52
61
  %install
53
62
  rm -rf %{buildroot}
@@ -148,6 +157,13 @@ fi
148
157
  rm -rf %{buildroot}
149
158
 
150
159
  %changelog
160
+ * Mon Dec 17 2007 David Lutterkort <dlutter@redhat.com> - 0.24.0-2
161
+ - Use updated upstream tarball that contains yumhelper.py
162
+
163
+ * Fri Dec 14 2007 David Lutterkort <dlutter@redhat.com> - 0.24.0-1
164
+ - Fixed license
165
+ - Munge examples/ to make rpmlint happier
166
+
151
167
  * Wed Aug 22 2007 David Lutterkort <dlutter@redhat.com> - 0.23.2-1
152
168
  - New version
153
169
 
@@ -0,0 +1,2 @@
1
+ To install these files, copy them into ~/.vim, or the relevant
2
+ system-wide location.
@@ -0,0 +1,2 @@
1
+ " detect puppet filetype
2
+ au BufRead,BufNewFile *.pp set filetype=puppet
@@ -25,7 +25,7 @@ require 'puppet/util/suidmanager'
25
25
  # it's also a place to find top-level commands like 'debug'
26
26
 
27
27
  module Puppet
28
- PUPPETVERSION = '0.24.0'
28
+ PUPPETVERSION = '0.24.1'
29
29
 
30
30
  def Puppet.version
31
31
  return PUPPETVERSION
@@ -385,8 +385,6 @@ module Puppet
385
385
  may need to use a FQDN for the server hostname when using a proxy."],
386
386
  :http_proxy_port => [3128,
387
387
  "The HTTP proxy port to use for outgoing connections"],
388
- :http_keepalive => [true,
389
- "Whether to reuse http connections, thus enabling http-keepalive."],
390
388
  :http_enable_post_connection_check => [true,
391
389
  "Boolean; wheter or not puppetd should validate the server
392
390
  SSL certificate against the request hostname."],
@@ -122,13 +122,8 @@ class Puppet::Network::Client
122
122
  end
123
123
 
124
124
  # Make sure we set the driver up when we read the cert in.
125
- def read_cert
126
- if super
127
- @driver.recycle_connection(self) if @driver.respond_to?(:recycle_connection)
128
- return true
129
- else
130
- return false
131
- end
125
+ def recycle_connection
126
+ @driver.recycle_connection if @driver.respond_to?(:recycle_connection)
132
127
  end
133
128
 
134
129
  # A wrapper method to run and then store the last run time
@@ -141,9 +136,7 @@ class Puppet::Network::Client
141
136
  self.run
142
137
  self.lastrun = Time.now.to_i
143
138
  rescue => detail
144
- if Puppet[:trace]
145
- puts detail.backtrace
146
- end
139
+ puts detail.backtrace if Puppet[:trace]
147
140
  Puppet.err "Could not run %s: %s" % [self.class, detail]
148
141
  end
149
142
  end
@@ -182,8 +175,11 @@ class Puppet::Network::Client
182
175
  :tolerance => 1,
183
176
  :start? => true
184
177
  ) do
185
- if self.scheduled?
186
- self.runnow
178
+ begin
179
+ self.runnow if self.scheduled?
180
+ rescue => detail
181
+ puts detail.backtrace if Puppet[:trace]
182
+ Puppet.err "Could not run client; got otherwise uncaught exception: %s" % detail
187
183
  end
188
184
  end
189
185
 
@@ -1,6 +1,7 @@
1
1
  # The client for interacting with the puppetmaster config server.
2
2
  require 'sync'
3
3
  require 'timeout'
4
+ require 'puppet/network/http_pool'
4
5
 
5
6
  class Puppet::Network::Client::Master < Puppet::Network::Client
6
7
  unless defined? @@sync
@@ -69,7 +70,6 @@ class Puppet::Network::Client::Master < Puppet::Network::Client
69
70
  def clear
70
71
  @catalog.clear(true) if @catalog
71
72
  Puppet::Type.allclear
72
- mkdefault_objects
73
73
  @catalog = nil
74
74
  end
75
75
 
@@ -204,17 +204,6 @@ class Puppet::Network::Client::Master < Puppet::Network::Client
204
204
 
205
205
  self.class.instance = self
206
206
  @running = false
207
-
208
- mkdefault_objects
209
- end
210
-
211
- # Make the default objects necessary for function.
212
- def mkdefault_objects
213
- # First create the default scheduling objects
214
- Puppet::Type.type(:schedule).mkdefaultschedules
215
-
216
- # And filebuckets
217
- Puppet::Type.type(:filebucket).mkdefaultbucket
218
207
  end
219
208
 
220
209
  # Mark that we should restart. The Puppet module checks whether we're running,
@@ -271,6 +260,10 @@ class Puppet::Network::Client::Master < Puppet::Network::Client
271
260
  @catalog.apply(options)
272
261
  end
273
262
  end
263
+
264
+ # Now close all of our existing http connections, since there's no
265
+ # reason to leave them lying open.
266
+ Puppet::Network::HttpPool.clear_http_instances
274
267
  end
275
268
 
276
269
  lockfile.unlock
@@ -315,10 +315,6 @@ class Puppet::Network::Handler
315
315
  value = $2
316
316
  case var
317
317
  when "path":
318
- if mount.name == PLUGINS
319
- Puppet.warning "An explicit 'plugins' mount is deprecated. Please switch to using modules."
320
- end
321
-
322
318
  if mount.name == MODULES
323
319
  Puppet.warning "The '#{mount.name}' module can not have a path. Ignoring attempt to set it"
324
320
  else
@@ -0,0 +1,92 @@
1
+ require 'puppet/sslcertificates/support'
2
+ require 'net/https'
3
+
4
+ # Manage Net::HTTP instances for keep-alive.
5
+ module Puppet::Network::HttpPool
6
+ # This handles reading in the key and such-like.
7
+ extend Puppet::SSLCertificates::Support
8
+ @http_cache = {}
9
+
10
+ # Clear our http cache, closing all connections.
11
+ def self.clear_http_instances
12
+ @http_cache.each do |name, connection|
13
+ connection.finish if connection.started?
14
+ end
15
+ @http_cache.clear
16
+ @cert = nil
17
+ @key = nil
18
+ end
19
+
20
+ # Make sure we set the driver up when we read the cert in.
21
+ def self.read_cert
22
+ if val = super # This calls read_cert from the Puppet::SSLCertificates::Support module.
23
+ # Clear out all of our connections, since they previously had no cert and now they
24
+ # should have them.
25
+ clear_http_instances
26
+ return val
27
+ else
28
+ return false
29
+ end
30
+ end
31
+
32
+ # Use cert information from a Puppet client to set up the http object.
33
+ def self.cert_setup(http)
34
+ # Just no-op if we don't have certs.
35
+ return false unless (defined?(@cert) and @cert) or self.read_cert
36
+
37
+ store = OpenSSL::X509::Store.new
38
+ store.add_file Puppet[:localcacert]
39
+ store.purpose = OpenSSL::X509::PURPOSE_SSL_CLIENT
40
+
41
+ http.cert_store = store
42
+ http.ca_file = Puppet[:localcacert]
43
+ http.cert = self.cert
44
+ http.verify_mode = OpenSSL::SSL::VERIFY_PEER
45
+ http.key = self.key
46
+ end
47
+
48
+ # Retrieve a cached http instance of caching is enabled, else return
49
+ # a new one.
50
+ def self.http_instance(host, port, reset = false)
51
+ # We overwrite the uninitialized @http here with a cached one.
52
+ key = "%s:%s" % [host, port]
53
+
54
+ # Return our cached instance if we've got a cache, as long as we're not
55
+ # resetting the instance.
56
+ return @http_cache[key] if ! reset and @http_cache[key]
57
+
58
+ # Clean up old connections if we have them.
59
+ if http = @http_cache[key]
60
+ @http_cache.delete(key)
61
+ http.finish if http.started?
62
+ end
63
+
64
+ args = [host, port]
65
+ if Puppet[:http_proxy_host] == "none"
66
+ args << nil << nil
67
+ else
68
+ args << Puppet[:http_proxy_host] << Puppet[:http_proxy_port]
69
+ end
70
+ http = Net::HTTP.new(*args)
71
+
72
+ # Pop open the http client a little; older versions of Net::HTTP(s) didn't
73
+ # give us a reader for ca_file... Grr...
74
+ class << http; attr_accessor :ca_file; end
75
+
76
+ http.use_ssl = true
77
+ http.read_timeout = 120
78
+ http.open_timeout = 120
79
+ # JJM Configurable fix for #896.
80
+ if Puppet[:http_enable_post_connection_check]
81
+ http.enable_post_connection_check = true
82
+ else
83
+ http.enable_post_connection_check = false
84
+ end
85
+
86
+ cert_setup(http)
87
+
88
+ @http_cache[key] = http
89
+
90
+ return http
91
+ end
92
+ end
@@ -27,14 +27,14 @@ module Puppet
27
27
  return nil
28
28
  end
29
29
  unless File.exist?(Puppet[:cacrl])
30
- raise Puppet::Error, "Could not find CRL"
30
+ raise Puppet::Error, "Could not find CRL; set 'cacrl' to 'none' to disable CRL usage"
31
31
  end
32
32
  crl = OpenSSL::X509::CRL.new(File.read(Puppet[:cacrl]))
33
33
  store = OpenSSL::X509::Store.new
34
34
  store.purpose = OpenSSL::X509::PURPOSE_ANY
35
35
  store.flags = OpenSSL::X509::V_FLAG_CRL_CHECK_ALL|OpenSSL::X509::V_FLAG_CRL_CHECK
36
36
  unless self.ca_cert
37
- raise Puppet::Error, "No CA certificate"
37
+ raise Puppet::Error, "Could not find CA certificate"
38
38
  end
39
39
 
40
40
  store.add_file(Puppet[:localcacert])
@@ -1,4 +1,5 @@
1
1
  require 'puppet/sslcertificates'
2
+ require 'puppet/network/http_pool'
2
3
  require 'openssl'
3
4
  require 'puppet/external/base64'
4
5
 
@@ -10,57 +11,15 @@ module Puppet::Network
10
11
  class ClientError < Puppet::Error; end
11
12
  class XMLRPCClientError < Puppet::Error; end
12
13
  class XMLRPCClient < ::XMLRPC::Client
14
+
13
15
  attr_accessor :puppet_server, :puppet_port
14
16
  @clients = {}
15
- @@http_cache = {}
16
17
 
17
18
  class << self
18
19
  include Puppet::Util
19
20
  include Puppet::Util::ClassGen
20
21
  end
21
22
 
22
- # Clear our http cache.
23
- def self.clear_http_instances
24
- @@http_cache.clear
25
- end
26
-
27
- # Retrieve a cached http instance of caching is enabled, else return
28
- # a new one.
29
- def self.http_instance(host, port, reset = false)
30
- # We overwrite the uninitialized @http here with a cached one.
31
- key = "%s:%s" % [host, port]
32
-
33
- # Return our cached instance if keepalive is enabled and we've got
34
- # a cache, as long as we're not resetting the instance.
35
- return @@http_cache[key] if ! reset and Puppet[:http_keepalive] and @@http_cache[key]
36
-
37
- args = [host, port]
38
- if Puppet[:http_proxy_host] == "none"
39
- args << nil << nil
40
- else
41
- args << Puppet[:http_proxy_host] << Puppet[:http_proxy_port]
42
- end
43
- @http = Net::HTTP.new(*args)
44
-
45
- # Pop open @http a little; older versions of Net::HTTP(s) didn't
46
- # give us a reader for ca_file... Grr...
47
- class << @http; attr_accessor :ca_file; end
48
-
49
- @http.use_ssl = true
50
- @http.read_timeout = 120
51
- @http.open_timeout = 120
52
- # JJM Configurable fix for #896.
53
- if Puppet[:http_enable_post_connection_check]
54
- @http.enable_post_connection_check = true
55
- else
56
- @http.enable_post_connection_check = false
57
- end
58
-
59
- @@http_cache[key] = @http if Puppet[:http_keepalive]
60
-
61
- return @http
62
- end
63
-
64
23
  # Create a netclient for each handler
65
24
  def self.mkclient(handler)
66
25
  interface = handler.interface
@@ -72,8 +31,7 @@ module Puppet::Network
72
31
  # they want.
73
32
  constant = handler.name.to_s.capitalize
74
33
  name = namespace.downcase
75
- newclient = genclass(name, :hash => @clients,
76
- :constant => constant)
34
+ newclient = genclass(name, :hash => @clients, :constant => constant)
77
35
 
78
36
  interface.methods.each { |ary|
79
37
  method = ary[0]
@@ -88,7 +46,7 @@ module Puppet::Network
88
46
  rescue OpenSSL::SSL::SSLError => detail
89
47
  if detail.message =~ /bad write retry/
90
48
  Puppet.warning "Transient SSL write error; restarting connection and retrying"
91
- self.recycle_connection(@cert_client)
49
+ self.recycle_connection
92
50
  retry
93
51
  end
94
52
  raise XMLRPCClientError,
@@ -109,7 +67,7 @@ module Puppet::Network
109
67
  raise error
110
68
  rescue Errno::EPIPE, EOFError
111
69
  Puppet.warning "Other end went away; restarting connection and retrying"
112
- self.recycle_connection(@cert_client)
70
+ self.recycle_connection
113
71
  retry
114
72
  rescue => detail
115
73
  if detail.message =~ /^Wrong size\. Was \d+, should be \d+$/
@@ -132,30 +90,6 @@ module Puppet::Network
132
90
  @clients[handler] || self.mkclient(handler)
133
91
  end
134
92
 
135
- # Use cert information from a Puppet client to set up the http object.
136
- def cert_setup(client)
137
- # Cache it for next time
138
- @cert_client = client
139
-
140
- unless FileTest.exist?(Puppet[:localcacert])
141
- raise Puppet::SSLCertificates::Support::MissingCertificate,
142
- "Could not find ca certificate %s" % Puppet[:localcacert]
143
- end
144
-
145
- # We can't overwrite certificates, @http will freeze itself
146
- # once started.
147
- unless @http.ca_file
148
- @http.ca_file = Puppet[:localcacert]
149
- store = OpenSSL::X509::Store.new
150
- store.add_file Puppet[:localcacert]
151
- store.purpose = OpenSSL::X509::PURPOSE_SSL_CLIENT
152
- @http.cert_store = store
153
- @http.cert = client.cert
154
- @http.verify_mode = OpenSSL::SSL::VERIFY_PEER
155
- @http.key = client.key
156
- end
157
- end
158
-
159
93
  def initialize(hash = {})
160
94
  hash[:Path] ||= "/RPC2"
161
95
  hash[:Server] ||= Puppet[:server]
@@ -179,13 +113,15 @@ module Puppet::Network
179
113
  true, # use_ssl
180
114
  120 # a two minute timeout, instead of 30 seconds
181
115
  )
182
- @http = self.class.http_instance(@host, @port)
116
+ @http = Puppet::Network::HttpPool.http_instance(@host, @port)
183
117
  end
184
118
 
185
- def recycle_connection(client)
186
- @http = self.class.http_instance(@host, @port, true) # reset the instance
187
-
188
- cert_setup(client)
119
+ # Get rid of our existing connection, replacing it with a new one.
120
+ # This should only happen if we lose our connection somehow (e.g., an EPIPE)
121
+ # or we've just downloaded certs and we need to create new http instances
122
+ # with the certs added.
123
+ def recycle_connection
124
+ @http = Puppet::Network::HttpPool.http_instance(@host, @port, true) # reset the instance
189
125
  end
190
126
 
191
127
  def start
@@ -260,6 +260,8 @@ class Puppet::Node::Catalog < Puppet::PGraph
260
260
 
261
261
  # Make sure all of our resources are "finished".
262
262
  def finalize
263
+ make_default_resources
264
+
263
265
  @resource_table.values.each { |resource| resource.finish }
264
266
 
265
267
  write_graph(:resources)
@@ -287,6 +289,20 @@ class Puppet::Node::Catalog < Puppet::PGraph
287
289
  finalize()
288
290
  end
289
291
  end
292
+
293
+ # Make the default objects necessary for function.
294
+ def make_default_resources
295
+ # We have to add the resources to the catalog, or else they won't get cleaned up after
296
+ # the transaction.
297
+
298
+ # First create the default scheduling objects
299
+ Puppet::Type.type(:schedule).mkdefaultschedules.each { |res| add_resource(res) unless resource(res.ref) }
300
+
301
+ # And filebuckets
302
+ if bucket = Puppet::Type.type(:filebucket).mkdefaultbucket
303
+ add_resource(bucket)
304
+ end
305
+ end
290
306
 
291
307
  # Create a graph of all of the relationships in our catalog.
292
308
  def relationship_graph
@@ -367,6 +383,11 @@ class Puppet::Node::Catalog < Puppet::PGraph
367
383
  end
368
384
  end
369
385
 
386
+ # Return an array of all resources.
387
+ def resources
388
+ @resource_table.keys
389
+ end
390
+
370
391
  # Add a tag.
371
392
  def tag(*names)
372
393
  names.each do |name|
@@ -62,7 +62,13 @@ class Puppet::Parser::Resource::Reference < Puppet::ResourceReference
62
62
  end
63
63
 
64
64
  def to_ref
65
- return [type.to_s,title.to_s]
65
+ # We have to return different cases to provide backward compatibility
66
+ # from 0.24.x to 0.23.x.
67
+ if builtin?
68
+ return [type.to_s.downcase, title.to_s]
69
+ else
70
+ return [type.to_s, title.to_s]
71
+ end
66
72
  end
67
73
 
68
74
  def typeclass
@@ -92,6 +92,19 @@ Puppet::Type.type(:package).provide :rpm, :source => :rpm, :parent => Puppet::Pr
92
92
  end
93
93
 
94
94
  def uninstall
95
+ query unless get(:arch)
96
+ nvr = "#{get(:name)}-#{get(:version)}-#{get(:release)}"
97
+ arch = ".#{get(:arch)}"
98
+ # If they specified an arch in the manifest, erase that Otherwise,
99
+ # erase the arch we got back from the query. If multiple arches are
100
+ # installed and only the package name is specified (without the
101
+ # arch), this will uninstall all of them on successive runs of the
102
+ # client, one after the other
103
+ if @resource[:name][-arch.size, arch.size] == arch
104
+ nvr += arch
105
+ else
106
+ nvr += ".#{get(:arch)}"
107
+ end
95
108
  rpm "-e", nvr
96
109
  end
97
110
 
@@ -99,11 +112,6 @@ Puppet::Type.type(:package).provide :rpm, :source => :rpm, :parent => Puppet::Pr
99
112
  self.install
100
113
  end
101
114
 
102
- def nvr
103
- query unless @nvr
104
- @nvr
105
- end
106
-
107
115
  def self.nevra_to_hash(line)
108
116
  line.chomp!
109
117
  hash = {}
@@ -30,25 +30,23 @@ module Puppet::SSLCertificates::Support
30
30
  define_method(reader) do
31
31
  return nil unless FileTest.exists?(Puppet[param])
32
32
  begin
33
- instance_variable_set(var,
34
- klass.new(File.read(Puppet[param])))
33
+ instance_variable_set(var, klass.new(File.read(Puppet[param])))
35
34
  rescue => detail
36
- raise InvalidCertificate, "Could not read %s: %s" %
37
- [param, detail]
35
+ raise InvalidCertificate, "Could not read %s: %s" % [param, detail]
38
36
  end
39
37
  end
40
38
 
41
39
  # Define the overall method, which just calls the reader and maker
42
40
  # as appropriate.
43
41
  define_method(name) do
44
- unless instance_variable_get(var)
42
+ unless cert = instance_variable_get(var)
45
43
  unless cert = send(reader)
46
44
  cert = send(maker)
47
45
  Puppet.settings.write(param) { |f| f.puts cert.to_pem }
48
46
  end
49
47
  instance_variable_set(var, cert)
50
48
  end
51
- instance_variable_get(var)
49
+ cert
52
50
  end
53
51
  end
54
52
 
@@ -72,12 +72,7 @@ module Puppet
72
72
  filebucketed files.
73
73
  "
74
74
 
75
- defaultto do
76
- # Make sure the default file bucket exists.
77
- obj = Puppet::Type.type(:filebucket)["puppet"] ||
78
- Puppet::Type.type(:filebucket).create(:name => "puppet")
79
- obj.bucket
80
- end
75
+ defaultto { "puppet" }
81
76
 
82
77
  munge do |value|
83
78
  # I don't really know how this is happening.
@@ -66,9 +66,9 @@ module Puppet
66
66
  # Create a default filebucket.
67
67
  def self.mkdefaultbucket
68
68
  unless default = self["puppet"]
69
- default = self.create :name => "puppet", :path => Puppet[:clientbucketdir]
69
+ return self.create(:name => "puppet", :path => Puppet[:clientbucketdir])
70
70
  end
71
- default
71
+ return nil
72
72
  end
73
73
 
74
74
  def self.instances
@@ -74,7 +74,8 @@ class Puppet::Util::FileType
74
74
 
75
75
  # Pick or create a filebucket to use.
76
76
  def bucket
77
- Puppet::Type.type(:filebucket).mkdefaultbucket.bucket
77
+ filebucket = Puppet::Type.type(:filebucket)
78
+ (filebucket["puppet"] || filebucket.mkdefaultbucket).bucket
78
79
  end
79
80
 
80
81
  def initialize(path)
@@ -12,9 +12,11 @@ class TestPuppetDExe < Test::Unit::TestCase
12
12
  include PuppetTest::ExeTest
13
13
  def setup
14
14
  super
15
+ Puppet[:certdnsnames] = "localhost"
15
16
  # start the master
16
17
  @manifest = startmasterd
17
18
 
19
+
18
20
  @cmd = "puppetd"
19
21
  @cmd += " --verbose"
20
22
  @cmd += " --test"
@@ -9,6 +9,11 @@ require 'socket'
9
9
 
10
10
  class TestPuppetMasterD < Test::Unit::TestCase
11
11
  include PuppetTest::ExeTest
12
+ def setup
13
+ super
14
+ Puppet[:certdnsnames] = "localhost"
15
+ end
16
+
12
17
  def getcerts
13
18
  include Puppet::Daemon
14
19
  if self.readcerts
@@ -239,9 +239,9 @@ class TestResource < PuppetTest::TestCase
239
239
  assert_equal("nobody", obj["owner"], "Single-value string was not passed correctly")
240
240
  assert_equal(%w{you me}, obj["group"], "Array of strings was not passed correctly")
241
241
  assert_equal("svn", obj["ignore"], "Array with single string was not turned into single value")
242
- assert_equal(["File", refs[0].title], obj["require"], "Resource reference was not passed correctly")
243
- assert_equal([["File", refs[1].title], ["File", refs[2].title]], obj["subscribe"], "Array of resource references was not passed correctly")
244
- assert_equal(["File", refs[3].title], obj["notify"], "Array with single resource reference was not turned into single value")
242
+ assert_equal(["file", refs[0].title], obj["require"], "Resource reference was not passed correctly")
243
+ assert_equal([["file", refs[1].title], ["file", refs[2].title]], obj["subscribe"], "Array of resource references was not passed correctly")
244
+ assert_equal(["file", refs[3].title], obj["notify"], "Array with single resource reference was not turned into single value")
245
245
  end
246
246
 
247
247
  # FIXME This isn't a great test, but I need to move on.
@@ -332,7 +332,7 @@ class TestResource < PuppetTest::TestCase
332
332
  end
333
333
 
334
334
  assert_instance_of(Array, trans["require"])
335
- assert_equal(["File", "/tmp/ref1"], trans["require"])
335
+ assert_equal(["file", "/tmp/ref1"], trans["require"])
336
336
 
337
337
  # Now try it when using an array of references.
338
338
  two = Parser::Resource::Reference.new(:type => "file", :title => "/tmp/ref2")
@@ -348,7 +348,7 @@ class TestResource < PuppetTest::TestCase
348
348
  assert_instance_of(Array, trans["require"][0])
349
349
  trans["require"].each do |val|
350
350
  assert_instance_of(Array, val)
351
- assert_equal("File", val[0])
351
+ assert_equal("file", val[0])
352
352
  assert(val[1] =~ /\/tmp\/ref[0-9]/,
353
353
  "Was %s instead of the file name" % val[1])
354
354
  end
@@ -54,6 +54,7 @@ module PuppetTest::ExeTest
54
54
  args += " --confdir %s" % Puppet[:confdir]
55
55
  args += " --rundir %s" % File.join(Puppet[:vardir], "run")
56
56
  args += " --vardir %s" % Puppet[:vardir]
57
+ args += " --certdnsnames %s" % Puppet[:certdnsnames]
57
58
  args += " --masterport %s" % @@port
58
59
  args += " --user %s" % Puppet::Util::SUIDManager.uid
59
60
  args += " --group %s" % Puppet::Util::SUIDManager.gid
@@ -221,34 +221,4 @@ class TestClient < Test::Unit::TestCase
221
221
  end
222
222
  end
223
223
  end
224
-
225
- # Make sure that reading the cert in also sets up the cert stuff for the driver
226
- def test_read_cert
227
- Puppet::Util::SUIDManager.stubs(:asuser).yields
228
-
229
- ca = Puppet::Network::Handler.ca.new
230
- caclient = Puppet::Network::Client.ca.new :CA => ca
231
-
232
- caclient.request_cert
233
-
234
- # First make sure it doesn't get called when the driver doesn't support :cert_setup
235
- client = FakeClient.new :Test => FakeDriver.new
236
- driver = client.driver
237
-
238
- assert_nothing_raised("Could not read cert") do
239
- client.read_cert
240
- end
241
-
242
- # And then that it does when the driver supports it
243
- client = FakeClient.new :Test => FakeDriver.new
244
-
245
- driver = client.driver
246
- driver.meta_def(:recycle_connection) { |c| }
247
- driver.expects(:recycle_connection).with(client)
248
-
249
- assert_nothing_raised("Could not read cert") do
250
- client.read_cert
251
- end
252
- end
253
224
  end
254
-
@@ -333,39 +333,6 @@ end
333
333
  assert(FileTest.exists?(file), "file was not created on second run")
334
334
  end
335
335
 
336
- def test_default_objects
337
- # Make sure they start out missing
338
- assert_nil(Puppet::Type.type(:filebucket)["puppet"],
339
- "default filebucket already exists")
340
- assert_nil(Puppet::Type.type(:schedule)["daily"],
341
- "default schedules already exists")
342
-
343
- master = mkclient()
344
-
345
- # Now make sure they got created
346
- assert(Puppet::Type.type(:filebucket)["puppet"],
347
- "default filebucket not found")
348
- assert(Puppet::Type.type(:schedule)["daily"],
349
- "default schedules not found")
350
-
351
- # clear everything, and make sure we can recreate them
352
- Puppet::Type.allclear
353
- assert_nil(Puppet::Type.type(:filebucket)["puppet"],
354
- "default filebucket not removed")
355
- assert_nil(Puppet::Type.type(:schedule)["daily"],
356
- "default schedules not removed")
357
- assert_nothing_raised { master.mkdefault_objects }
358
- assert(Puppet::Type.type(:filebucket)["puppet"],
359
- "default filebucket not found")
360
- assert(Puppet::Type.type(:schedule)["daily"],
361
- "default schedules not found")
362
-
363
-
364
- # Make sure we've got schedules
365
- assert(Puppet::Type.type(:schedule)["hourly"], "Could not retrieve hourly schedule")
366
- assert(Puppet::Type.type(:filebucket)["puppet"], "Could not retrieve default bucket")
367
- end
368
-
369
336
  # #540 - make sure downloads aren't affected by noop
370
337
  def test_download_in_noop
371
338
  source = tempfile
@@ -14,6 +14,11 @@ class TestWebrickServer < Test::Unit::TestCase
14
14
  super
15
15
  end
16
16
 
17
+ def teardown
18
+ super
19
+ Puppet::Network::HttpPool.clear_http_instances
20
+ end
21
+
17
22
  # Make sure we can create a server, and that it knows how to create its
18
23
  # certs by default.
19
24
  def test_basics
@@ -102,7 +107,7 @@ class TestWebrickServer < Test::Unit::TestCase
102
107
 
103
108
  assert_nothing_raised() {
104
109
  client = Puppet::Network::Client.status.new(
105
- :Server => Facter.value(:fqdn),
110
+ :Server => "localhost",
106
111
  :Port => @@port
107
112
  )
108
113
  }
@@ -111,6 +116,7 @@ class TestWebrickServer < Test::Unit::TestCase
111
116
 
112
117
  def mk_status_server
113
118
  server = nil
119
+ Puppet[:certdnsnames] = "localhost"
114
120
  assert_nothing_raised() {
115
121
  server = Puppet::Network::HTTPServer::WEBrick.new(
116
122
  :Port => @@port,
@@ -42,43 +42,4 @@ class TestXMLRPCClient < Test::Unit::TestCase
42
42
 
43
43
  assert(net, "did not get net client")
44
44
  end
45
-
46
- # Make sure the xmlrpc client is correctly reading all of the cert stuff
47
- # and setting it into the @http var
48
- def test_cert_setup
49
- client = nil
50
- assert_nothing_raised do
51
- client = Puppet::Network::XMLRPCClient.new()
52
- end
53
-
54
- caclient = mock 'client', :cert => :ccert, :key => :ckey
55
-
56
- FileTest.expects(:exist?).with(Puppet[:localcacert]).returns(true)
57
-
58
- store = mock 'sslstore'
59
- OpenSSL::X509::Store.expects(:new).returns(store)
60
- store.expects(:add_file).with(Puppet[:localcacert])
61
- store.expects(:purpose=).with(OpenSSL::X509::PURPOSE_SSL_CLIENT)
62
-
63
- class << client
64
- attr_accessor :http
65
- end
66
-
67
- http = mock 'http'
68
- client.http = http
69
-
70
- http.expects(:ca_file).returns(false)
71
- http.expects(:ca_file=).with(Puppet[:localcacert])
72
- http.expects(:cert=).with(:ccert)
73
- http.expects(:key=).with(:ckey)
74
- http.expects(:verify_mode=).with(OpenSSL::SSL::VERIFY_PEER)
75
- http.expects(:cert_store=)
76
-
77
- assert_nothing_raised do
78
- client.cert_setup(caclient)
79
- end
80
- end
81
-
82
- def test_http_cache
83
- end
84
45
  end
@@ -1787,8 +1787,6 @@ class TestFile < Test::Unit::TestCase
1787
1787
 
1788
1788
  assert_instance_of(Puppet::Network::Client::Dipper, file.bucket,
1789
1789
  "did not default to a filebucket for backups")
1790
- assert_equal(Puppet::Type.type(:filebucket)["puppet"].bucket, file.bucket,
1791
- "did not default to the 'puppet' filebucket")
1792
1790
  end
1793
1791
 
1794
1792
  # #515 - make sure 'ensure' other than "link" is deleted during recursion
@@ -22,6 +22,11 @@ class TestFileSources < Test::Unit::TestCase
22
22
  Puppet[:filetimeout] = -1
23
23
  Puppet::Util::SUIDManager.stubs(:asuser).yields
24
24
  end
25
+
26
+ def teardown
27
+ super
28
+ Puppet::Network::HttpPool.clear_http_instances
29
+ end
25
30
 
26
31
  def use_storage
27
32
  begin
@@ -547,6 +552,7 @@ class TestFileSources < Test::Unit::TestCase
547
552
 
548
553
  Puppet[:masterport] = 8762
549
554
  Puppet[:name] = "puppetmasterd"
555
+ Puppet[:certdnsnames] = "localhost"
550
556
 
551
557
  serverpid = nil
552
558
  assert_nothing_raised() {
@@ -592,6 +598,7 @@ class TestFileSources < Test::Unit::TestCase
592
598
 
593
599
  Puppet[:autosign] = true
594
600
  Puppet[:masterport] = @port
601
+ Puppet[:certdnsnames] = "localhost"
595
602
 
596
603
  serverpid = nil
597
604
  assert_nothing_raised("Could not start on port %s" % @port) {
metadata CHANGED
@@ -3,8 +3,8 @@ rubygems_version: 0.9.4
3
3
  specification_version: 1
4
4
  name: puppet
5
5
  version: !ruby/object:Gem::Version
6
- version: 0.24.0
7
- date: 2007-12-17 00:00:00 +01:00
6
+ version: 0.24.1
7
+ date: 2007-12-22 00:00:00 +01:00
8
8
  summary: System Automation and Configuration Management Software
9
9
  require_paths:
10
10
  - lib
@@ -204,6 +204,7 @@ files:
204
204
  - lib/puppet/network/rights.rb
205
205
  - lib/puppet/network/authstore.rb
206
206
  - lib/puppet/network/client_request.rb
207
+ - lib/puppet/network/http_pool.rb
207
208
  - lib/puppet/network/server.rb
208
209
  - lib/puppet/network/client.rb
209
210
  - lib/puppet/network/http_server.rb
@@ -592,8 +593,11 @@ files:
592
593
  - bin/ralsh
593
594
  - ext/puppet-test
594
595
  - ext/vim
595
- - ext/vim/filetype.vim
596
- - ext/vim/puppet.vim
596
+ - ext/vim/syntax
597
+ - ext/vim/syntax/puppet.vim
598
+ - ext/vim/ftdetect
599
+ - ext/vim/ftdetect/puppet.vim
600
+ - ext/vim/README
597
601
  - ext/module_puppet
598
602
  - ext/ldap
599
603
  - ext/ldap/puppet.schema
@@ -1,9 +0,0 @@
1
- " detect puppet filetypes
2
- " $Id$
3
-
4
- if exists("did_load_filetypes")
5
- finish
6
- endif
7
- augroup filetypedetect
8
- au! BufRead,BufNewFile *.pp setfiletype puppet
9
- augroup END